X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=tcl_tests%2Fpkcs8.try;fp=tcl_tests%2Fpkcs8.try;h=ce742c7bd896465a4156cfbbae1ee5b8f6493134;hb=3b8ddfe2f303b8931842e52bdb5c07c97042f651;hp=0000000000000000000000000000000000000000;hpb=e09d5a86fe1cb876b3c7cf5eb0d890f557b466d0;p=openssl-gost%2Fengine.git

diff --git a/tcl_tests/pkcs8.try b/tcl_tests/pkcs8.try
new file mode 100644
index 0000000..ce742c7
--- /dev/null
+++ b/tcl_tests/pkcs8.try
@@ -0,0 +1,170 @@
+#!/usr/bin/tclsh
+lappend auto_path [file dirname [info script]]
+package require ossltest
+cd $::test::dir
+start_tests "ÑÐµÑÑÑ Ð½Ð° ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ pkcs8" 
+set key "-----BEGIN PRIVATE KEY-----
+MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgIgSZ82qYpu6RQj
+UeoKl5svrvYuMriHeAQvuSIvjAg5fnk=
+-----END PRIVATE KEY-----
+"
+
+test "ÐÐµÑÐ°ÑÐ°ÐµÐ¼ ÑÑÐ°Ð»Ð¾Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2001" {
+	set etalon [openssl [list pkey -text -noout << $key]]
+} 0 "Private key: 499F36A98A6EE9142351EA0A979B2FAEF62E32B88778042FB9222F8C08397E79
+Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
+"
+
+test "ÐÐ¾Ð½Ð²ÐµÑÑÐ¸ÑÑÐµÐ¼ Ð² DER Ð¸ Ð¿ÑÐ¾Ð²ÐµÑÑÐµÐ¼, ÑÑÐ¾ ÐºÐ»ÑÑ ÑÐ¾Ñ Ð¶Ðµ gost2001" {
+	openssl [list pkcs8 -outform DER -out pkcs8-1.der -nocrypt << $key]
+	openssl [list pkey -inform DER -text -noout -in pkcs8-1.der]
+} 0 $etalon
+
+
+save_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+test "ÐÐ°ÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð½ÐµÐ·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2001, Ð¿Ð°ÑÐ°Ð¼ÐµÑÑÑ CryptoPro-A" {
+	makeFile pkcs8-1A.key $key
+	set env(CRYPT_PARAMS) "id-Gost28147-89-CryptoPro-A-ParamSet"
+	set env(GOST_PBE_HMAC) "md_gost94"
+	openssl [list pkcs8 -v2 gost89 -passout pass:qwertyu -in pkcs8-1A.key -topk8 -out encA.key << $key]
+	file exists encA.key
+} 0 1
+restore_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+	
+test -skip {![file exists encA.key]} "ÐÑÐ¾Ð²ÐµÑÑÐµÐ¼ OID-Ñ PBE" {
+	set res [extract_oids encA.key]
+	regexp "HMAC GOST 34\.11-94" $res && regexp "GOST .*89"
+} 0 1
+
+test "Ð Ð°ÑÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2001" {
+	set unencrypted [openssl [list pkcs8 -passin pass:qwertyu -topk8 -nocrypt -in encA.key]]
+	openssl [list pkey -text -noout << $unencrypted]
+	
+} 0 $etalon
+
+save_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+test "ÐÐ°ÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð½ÐµÐ·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2001, Ð¿Ð°ÑÐ°Ð¼ÐµÑÑÑ CryptoPro-B" {
+	makeFile pkcs8-1B.key $key
+	set env(CRYPT_PARAMS) "id-Gost28147-89-CryptoPro-B-ParamSet"
+	set env(GOST_PBE_HMAC) "md_gost94"
+	openssl [list pkcs8 -v2 gost89 -passout pass:qwertyu -in pkcs8-1B.key -topk8 -out encB.key << $key]
+	file exists encB.key
+} 0 1
+restore_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+	
+test -skip {![file exists encB.key]} "ÐÑÐ¾Ð²ÐµÑÑÐµÐ¼ OID-Ñ PBE" {
+	set res [extract_oids encB.key]
+	regexp "HMAC GOST 34\.11-94" $res && regexp "GOST .*89"
+} 0 1
+
+
+test "Ð Ð°ÑÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2001" {
+	set unencrypted [openssl [list pkcs8 -passin pass:qwertyu -topk8 -nocrypt -in encB.key]]
+	openssl [list pkey -text -noout << $unencrypted]
+	
+} 0 $etalon
+
+
+test "Ð Ð°ÑÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ ÐºÐ»ÑÑ, ÑÐ¾Ð·Ð´Ð°Ð½Ð½ÑÐ¹ mkkey" {
+	makeFile pkcs8-2.key "-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGvMFUGCSqGSIb3DQEFDTBIMCcGCSqGSIb3DQEFDDAaBAjIvbrnGmGbTAIC
+CAAwCgYGKoUDAgIKBQAwHQYGKoUDAgIVMBMECOtWtCMQo3dzBgcqhQMCAh8B
+BFZFPKP6qDKi57rmas1U2fUjyZwjmrk6Y+naeWG/BTVJNJklW3HaHP+wuIFb
+bxdi6rTNsYqxWm26qUHz6Op5SvCm0y+f8zE9cACQ5KQnFvNlojHvzmjO+Q==
+-----END ENCRYPTED PRIVATE KEY-----
+"
+	set unencrypted [openssl [list pkcs8 -passin pass:qwertyu -nocrypt -topk8 -in pkcs8-2.key ]]
+	openssl [list pkey -text -noout << $unencrypted]
+} 0 $etalon
+
+test "Ð Ð°ÑÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ ÐºÐ»ÑÑ, ÑÐ¾Ð·Ð´Ð°Ð½Ð½ÑÐ¹ mkkey, ÑÑÑÑÐºÐ¸Ð¹ Ð¿Ð°ÑÐ¾Ð»Ñ" {
+	set env(PASS) [encoding convertfrom [encoding convertto utf-8 [rus "Ð¹ÑÑÐºÐµÐ½Ð³"]]]
+	makeFile pkcs8-3.key "-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIGvMFUGCSqGSIb3DQEFDTBIMCcGCSqGSIb3DQEFDDAaBAgSfbLQ+fNe0AIC
+CAAwCgYGKoUDAgIKBQAwHQYGKoUDAgIVMBMECJJ1Qd/rIBxqBgcqhQMCAh8B
+BFZWfyFs12456ECvzNyg7LkPNAJS7qPih78kY4DJP7ty4bMydfCkfg20fMNl
+O2zlJtg37z9vbhvqdWODCXc/XJ+Txmw3GLVDcvwQ/0woebcPlNUvMd9BzA==
+-----END ENCRYPTED PRIVATE KEY-----
+"
+	set unencrypted [openssl [list pkcs8 -passin env:PASS -nocrypt -topk8 -in pkcs8-3.key ]]
+	grep Private [openssl [list pkey -text -noout << $unencrypted]]
+} 0 "Private key: 894150BCD66A400C198154D68E5817A6EF3546983863B57F6D04F5C14FD766CC\n"
+
+set key256 "-----BEGIN PRIVATE KEY-----
+MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgIgK/ezK4Z5
+GCo/srftX/HPs2AmcFKffF3/RWokTAKxMcM=
+-----END PRIVATE KEY-----
+"
+
+test "ÐÐµÑÐ°ÑÐ°ÐµÐ¼ ÑÑÐ°Ð»Ð¾Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2012_256" {
+	set etalon256 [openssl [list pkey -text -noout << $key256]]
+} 0 "Private key: 2BF7B32B8679182A3FB2B7ED5FF1CFB3602670529F7C5DFF456A244C02B131C3
+Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
+"
+
+test "ÐÐ¾Ð½Ð²ÐµÑÑÐ¸ÑÑÐµÐ¼ Ð² DER Ð¸ Ð¿ÑÐ¾Ð²ÐµÑÑÐµÐ¼, ÑÑÐ¾ ÐºÐ»ÑÑ ÑÐ¾Ñ Ð¶Ðµ gost2012_256" {
+	openssl [list pkcs8 -outform DER -out pkcs8-256.der -nocrypt << $key]
+	openssl [list pkey -inform DER -text -noout -in pkcs8-256.der]
+} 0 $etalon
+
+save_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+test "ÐÐ°ÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð½ÐµÐ·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2012_256, Ð¿Ð°ÑÐ°Ð¼ÐµÑÑÑ TK26 (ÑÐ¼Ð¾Ð»ÑÐ°ÑÐµÐ»ÑÐ½ÑÐµ)" {
+	makeFile pkcs8-256.key $key256
+	catch {unset env(CRYPT_PARAMS)}
+	catch {unset env(GOST_PBE_HMAC)}
+	openssl [list pkcs8 -v2 gost89 -passout pass:qwertyu -in pkcs8-256.key -topk8 -out enc256.key << $key]
+	file exists enc256.key
+} 0 1
+restore_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+	
+test -skip {![file exists enc256.key]} "ÐÑÐ¾Ð²ÐµÑÑÐµÐ¼ OID-Ñ PBE" {
+	set res [extract_oids enc256.key]
+	regexp "HMAC GOST 34\.11-2012" $res && regexp "GOST .*89"
+} 0 1
+
+test "Ð Ð°ÑÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2012_256" {
+	set unencrypted [openssl [list pkcs8 -passin pass:qwertyu -topk8 -nocrypt -in enc256.key]]
+	openssl [list pkey -text -noout << $unencrypted]
+	
+} 0 $etalon256
+
+set key512 "-----BEGIN PRIVATE KEY-----
+MGsCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRDAkEAiCjF
+2rwOmb5YwNnyObveusCDO+kw33jBijSrPiye155EO4ABz2aG8SHOTObVv4dFgtfZ
+g7wCuOZN3D6RSByFJA==
+-----END PRIVATE KEY-----
+"
+
+save_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+test "ÐÐµÑÐ°ÑÐ°ÐµÐ¼ ÑÑÐ°Ð»Ð¾Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2012_512" {
+	set etalon512 [openssl [list pkey -text -noout << $key512]]
+} 0 "Private key: 8828C5DABC0E99BE58C0D9F239BBDEBAC0833BE930DF78C18A34AB3E2C9ED79E443B8001CF6686F121CE4CE6D5BF874582D7D983BC02B8E64DDC3E91481C8524
+Parameter set: GOST R 34.10-2012 (512 bit) ParamSet A
+"
+
+test "ÐÐ¾Ð½Ð²ÐµÑÑÐ¸ÑÑÐµÐ¼ Ð² DER Ð¸ Ð¿ÑÐ¾Ð²ÐµÑÑÐµÐ¼, ÑÑÐ¾ ÐºÐ»ÑÑ ÑÐ¾Ñ Ð¶Ðµ gost2012_512" {
+	openssl [list pkcs8 -outform DER -out pkcs8-512.der -nocrypt << $key]
+	openssl [list pkey -inform DER -text -noout -in pkcs8-512.der]
+} 0 $etalon
+
+test "ÐÐ°ÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð½ÐµÐ·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2012_512, Ð¿Ð°ÑÐ°Ð¼ÐµÑÑÑ TK26 (ÑÐ¼Ð¾Ð»ÑÐ°ÑÐµÐ»ÑÐ½ÑÐµ)" {
+	makeFile pkcs8-512.key $key512
+	catch {unset env(CRYPT_PARAMS)}
+	set env(GOST_PBE_HMAC) "md_gost12_512"
+	openssl [list pkcs8 -v2 gost89 -passout pass:qwertyu -in pkcs8-512.key -topk8 -out enc512.key << $key]
+	file exists enc512.key
+} 0 1
+restore_env2 {CRYPT_PARAMS GOST_PBE_HMAC}
+	
+test -skip {![file exists enc512.key]} "ÐÑÐ¾Ð²ÐµÑÑÐµÐ¼ OID-Ñ PBE" {
+	set res [extract_oids enc512.key]
+	regexp "HMAC GOST 34\.11-2012" $res && regexp "GOST .*89"
+} 0 1
+
+test "Ð Ð°ÑÑÐ¸ÑÑÐ¾Ð²ÑÐ²Ð°ÐµÐ¼ Ð·Ð°ÑÐ¸ÑÑÐ¾Ð²Ð°Ð½Ð½ÑÐ¹ ÐºÐ»ÑÑ gost2012 512 bit" {
+	set unencrypted [openssl [list pkcs8 -passin pass:qwertyu -topk8 -nocrypt -in enc512.key]]
+	openssl [list pkey -text -noout << $unencrypted]
+	
+} 0 $etalon512
+
+end_tests